[squid-users] Is there a scalable way in SSL-Bump forwarding client's certificate to server?

GeorgeShen g2011828 at hotmail.com
Wed Dec 11 05:48:10 UTC 2019


>Yes, look for "client certificate" in your squid.conf.documented.

Ok. for the 'clientca=' and 'tls-cafile=', is the purpose for proxy to
verify the client cert again this list before allow the connection to go
further? or it can use those client certificate also for other things?

Also the RFC TLS 1.2 says client send certificate only if the server asks
it, here it means the proxy. Does this configure 'clientca=' signal all the
client to send their certificate if it has one?

thanks.
- George



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html


More information about the squid-users mailing list